1 results (0.002 seconds)
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-9332 – WordPress Uninstall <= 1.2.1 - Cross-Site Request Forgery to Site Reset
https://notcve.org/view.php?id=CVE-2015-9332
The uninstall plugin before 1.2 for WordPress has CSRF to delete all tables via the wp-admin/admin-ajax.php?action=uninstall URI. El plugin WP-all-importación antes de 3.2.5 para WordPress tiene la inyección SQL ciega. • https://wordpress.org/plugins/uninstall/#developers • CWE-352: Cross-Site Request Forgery (CSRF) •